1
1
mirror of https://github.com/go-gitea/gitea synced 2025-07-22 18:28:37 +00:00

rework heatmap permissions (#14080)

* now uses the same permission model as for the activity feed:
  only include activities in repos, that the doer has access to.
  this might be somewhat slower.

* also improves handling of user.KeepActivityPrivate (still shows
  the heatmap to self & admins)

* extend tests

* adjust integration test to new behaviour

* add access to actions for admins

* extend heatmap unit tests
This commit is contained in:
Norwin
2020-12-22 02:53:37 +00:00
committed by GitHub
parent 2c9dd71140
commit f6bec85296
8 changed files with 113 additions and 69 deletions

View File

@@ -16,10 +16,10 @@ type UserHeatmapData struct {
}
// GetUserHeatmapDataByUser returns an array of UserHeatmapData
func GetUserHeatmapDataByUser(user *User) ([]*UserHeatmapData, error) {
func GetUserHeatmapDataByUser(user *User, doer *User) ([]*UserHeatmapData, error) {
hdata := make([]*UserHeatmapData, 0)
if user.KeepActivityPrivate {
if !activityReadable(user, doer) {
return hdata, nil
}
@@ -37,22 +37,26 @@ func GetUserHeatmapDataByUser(user *User) ([]*UserHeatmapData, error) {
groupByName = groupBy
}
sess := x.Select(groupBy+" AS timestamp, count(user_id) as contributions").
Table("action").
Where("user_id = ?", user.ID).
And("created_unix > ?", (timeutil.TimeStampNow() - 31536000))
// * Heatmaps for individual users only include actions that the user themself
// did.
// * For organizations actions by all users that were made in owned
// repositories are counted.
if user.Type == UserTypeIndividual {
sess = sess.And("act_user_id = ?", user.ID)
cond, err := activityQueryCondition(GetFeedsOptions{
RequestedUser: user,
Actor: doer,
IncludePrivate: true, // don't filter by private, as we already filter by repo access
IncludeDeleted: true,
// * Heatmaps for individual users only include actions that the user themself did.
// * For organizations actions by all users that were made in owned
// repositories are counted.
OnlyPerformedBy: !user.IsOrganization(),
})
if err != nil {
return nil, err
}
err := sess.GroupBy(groupByName).
return hdata, x.
Select(groupBy+" AS timestamp, count(user_id) as contributions").
Table("action").
Where(cond).
And("created_unix > ?", (timeutil.TimeStampNow() - 31536000)).
GroupBy(groupByName).
OrderBy("timestamp").
Find(&hdata)
return hdata, err
}